﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace Maticsoft.Web
{
    public partial class Login1 : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void btnLogin_Click(object sender, EventArgs e)
        {

            //获取数据
            string name = this.UserName.Text;
            string password = this.Password.Text;
            string yanzhengma = this.Yanzhengma.Text;

            if (validate(name))
            {
                lblMessage.Text = "用户名中不能含有非法字符！";
                //Response.Write("<script>alert('用户名中不能含有非法字符');history.back()</script>");
                return;
            }
            if (validate(password))
            {
                lblMessage.Text = "密码中不能含有非法字符！";
                //Response.Write("<script>alert('密码中不能含有非法字符');history.back()</script>");
                return;
            }

            if (String.Compare(Session["checkCode"].ToString(), yanzhengma.ToUpper(), true) != 0)
            {
                lblMessage.Text = "验证码中不能含有非法字符！";
                //Response.Write("<script language=javascript>alert('验证码错误，请重新输入！')</script>");
                return;
            }
            else
            {
                if (string.IsNullOrEmpty(name))
                {
                    lblMessage.Text = "用户名不能为空！";
                    return;
                }
                if (string.IsNullOrEmpty(password))
                {
                    lblMessage.Text = "密码不能为空！";
                    return;
                }



                //开始登陆                
                Maticsoft.BLL.UserInfo userbll = new Maticsoft.BLL.UserInfo();
                Maticsoft.Model.UserInfo usermodel = userbll.LoginUser(name, password);
                if (usermodel == null || usermodel.UserId == 0)
                {
                    lblMessage.Text = "用户名或密不正确！";
                    return;
                }
                Session["User"] = usermodel;
                Session["group"] = "注册用户";//页面权限验证功能放在Controls/checkriht.ascx页面,在要验证的页面里加该用户控件
                //Response.Redirect("~/Default.aspx");//登录成功后跳转页面


                //也可以进入注册用户后台管理
                Response.Redirect("~/Main.aspx");
            }


        }


        public bool validate(string str)
        {
            string strobj;
            bool ss = false;
            for (int i = 0; i < str.Length; i++)
            {
                strobj = str.Substring(i, 1);
                if (strobj == "%" || strobj == "&" || strobj == "'" || strobj == "|" || strobj == "<" || strobj == ">")
                {
                    ss = true;
                    break;
                }
            }
            return ss;
        }


    }
}